Firo 51% attack post mortem and vote on attackers' funds

Seems like Binance disabled any pairs with Firo.
So much lost forever?
Will it not be possible to get the money back?

Binance is updating the ticker from XZC to FIRO. Read here:
https://www.binance.com/en/support/articles/4a06d6ab6abb4f08b12bb93d6fec30ec

Does someone not want to hold FIRO and want their money back?
But if the developers show strength and play by the rules, the project will have a great future.
Otherwise it will not fly higher than my rockets and will never become SpaceX.
Look at Charlie Lee's words (@HighMiner, thank you): "If a crypto can't be 51% attacked, it is permissioned and centralized."
He said that when LTC cost less than $10. What is the price of LTC today?
Look to the future of the project.

Didn't see this.
Thanks.

Whatever is necessary to stay on exchanges is the only option. The ripple effect of being delisted from a major exchange would harm FIRO more than the attack.

2 Likes

Let me start by revealing that my vote was "block funds and reimburse Binance".
Especially since the funds were already blocked when going to a vote.
However, what I would like it to be, and how I think the majority hope it will be, once Firo technology
is considered completed/finished, is the second option - "do nothing".
I see it as realistic to concede that Firo is not there (completed/finished) yet,
albeit we are inching close to at least loudly proclaiming that "the code is untouchable law" for Firo.

The Firo core team already went out of its way and manually blocked the funds in the code somehow
(I do not exactly understand how they did it).
This on one hand shows how prone to centralized actions the project currently is, and,
on the other hand, it actually prevented the attacker from double-spending FIRO,
which is arguably an anti-feature of the once-finished Firo technology.

I see it as urgent to be very clear that this was only possible because the project is still in the R&D phase,
defending designed yet unfinished developments, in this case strengthening Firo against 51% attacks, and
thus preventing unwanted, unfair behavior.
Locking the funds manually was done to prevent de-facto double spending before the technology is
in its sufficiently robust, self-standing, autonomous state a la Bitcoin.

The harm in market terms hit Firo as a project, but the missing (orphaned) coins provably harm some of its users.
The reason for reimbursing Binance is that these users happened to be Binance users.
It is solely a matter of fairness to users who are missing their FIRO coins
as a result of the potentially illegal behaviour of double-spending,
and because the features preventing such behaviour are not yet in place as an inherent part of Firo.

It should have nothing to do with bowing to Binance or being scared of Binance.
It is also naive to think that Binance will not de-list us if they want to, even if we reimburse them with the missing FIRO.
This is just a matter of fairness in a bit of controversial self-defence by Firo.

5 Likes

Just to clarify, we couldn't do this unilaterally, as we required the mining pools to also accept our update. We did explain the situation to them, and the code we deployed to manually block the funds was public and accepted by them.

I do agree that as the project matures this sort of thing shouldn't be possible (in fact, if the attacker had taken just the additional step to anonymize, it would have been a lot harder).

2 Likes

Hi, I'm sproxet, the developer of the Electron-based Firo Client interface. This message is signed with the GPG key associated with my GitHub account, which can be retrieved and verified as belonging to that account at https://api.github.com/users/sproxet/gpg_keys

I strongly believe that the only viable course of action for the project is to seize the attacker's funds and use them to compensate exchanges. While it is attractive philosophically to maintain a rigid, abstract, and self-consistent principle, such as the doctrine that "Code is Law", it's important to understand the real effects that would have on people, which should be obvious.

We are not slaves to a mechanistic god whose blockchain is of a sanctity beyond any associated with petty human concerns. The systems we create are tools to help people, which can, and in my view should, be modified as the situation requires to be more effective in that purpose. Our choices, not the decrees of digital deities, decide our future.

10 Likes

Reuben you do a great job with Firo!!! A meaningful, cool, and useful job. Thank you. I just needed to get my head around what happened. You could add the fourth option “block funds, reimburse 70% Binance, and the rest give to Reuben” and I would consider it seriously - that’s the level of trust you’ve got with me over the years without even knowing you in person.

1 Like

Thank you though I would never want to profit from something like this :slight_smile:

4 Likes

Yeah, I know. That was a half joke, half analogy. :+1:

Would like to hear how we’ll prevent this in the future. I think you touched on it, but more detail would be great!

1 Like

Chainlocks will be the solution.

3 Likes

Chainlocks come from the Dash system and build on the long-lived masternode quorums (LLMQs), which we already have functioning. This was always planned in our roadmap.

dips/dip-0008.md at master · dashpay/dips · GitHub is a deeper description of it.

In short, groups of 400 masternodes are formed deterministically, and when they see a valid block they poll among themselves that they saw this block first and sign it. Once signed, it serves as a checkpoint so that no block below this number will be valid.

To disable chainlocks in order to mount a 51% attack, you would need control of 50% of the masternode network, upon which it will revert to the longest-chain rule.

2 Likes
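The post above describes chainlocks in three sentences; the toy model below, added here as an illustration and not code from Firo or Dash, replays the scenario the thread is about (an attacker out-mining the public chain to erase an exchange deposit) under the plain longest-chain rule and under a chainlock rule. Everything not stated in the post is an assumption: the quorum is picked by sorting a constructed masternode list by a seeded hash (a stand-in for real LLMQ selection), the signing threshold is "more than half the quorum", the attacker's masternode control is modelled as a share of the quorum members, and the transactions are constructed strings. Real DIP-0008 thresholds and BLS signing are not reproduced.

```python
import hashlib
from dataclasses import dataclass

QUORUM_SIZE = 400      # "groups of 400 masternodes", as in the post above
SIGN_THRESHOLD = 0.5   # assumption: more than half the quorum must sign
# Constructed masternode population; real LLMQ membership comes from the
# deterministic masternode list (DIP-0008 / DIP-0006), not from this toy list.
MASTERNODES = [f"mn{i:04d}" for i in range(1000)]


@dataclass(frozen=True)
class Block:
    height: int
    parent: str     # digest of the previous block
    txs: tuple      # constructed sample transactions, as plain strings

    @property
    def digest(self) -> str:
        return hashlib.sha256(f"{self.height}|{self.parent}|{self.txs}".encode()).hexdigest()


def extend(chain: list, txs) -> list:
    """Return a new chain with one block appended on top of `chain`."""
    return chain + [Block(len(chain), chain[-1].digest, tuple(txs))]


def select_quorum(seed: str) -> list:
    """Deterministic quorum: every node derives the same 400 members from a
    shared seed (a simplified stand-in for LLMQ selection)."""
    ranked = sorted(MASTERNODES,
                    key=lambda mn: hashlib.sha256(f"{seed}|{mn}".encode()).hexdigest())
    return ranked[:QUORUM_SIZE]


def try_chainlock(quorum: list, first_seen: Block, attacker_nodes: set):
    """Honest members sign the first valid block they saw at this height;
    attacker-controlled members withhold their signature. Returns the locked
    block digest, or None if the threshold is not reached."""
    honest_votes = sum(1 for mn in quorum if mn not in attacker_nodes)
    if honest_votes > SIGN_THRESHOLD * len(quorum):
        return first_seen.digest
    return None


def choose_chain(candidates: list, locks: dict) -> list:
    """ChainLock rule: any chain whose block at a locked height differs from the
    locked digest is invalid, however long it is. With no locks this is exactly
    the plain longest-chain rule."""
    valid = [c for c in candidates
             if all(h < len(c) and c[h].digest == d for h, d in locks.items())]
    return max(valid, key=len)   # assumes at least one candidate honours the locks


DEPOSIT = "tx:attacker->exchange 1000 FIRO"    # constructed deposit to an exchange
CONFLICT = "tx:attacker->attacker 1000 FIRO"   # same coins spent back to the attacker


def simulate(attacker_quorum_share: float, chainlocks_enabled: bool) -> dict:
    """Replay a 51% double-spend against an exchange deposit and report which
    chain the network accepts."""
    genesis = [Block(0, "0" * 64, ())]
    common = extend(genesis, ["coinbase-1"])
    # Public chain: the deposit is mined at height 2 and gets two confirmations.
    public = extend(common, [DEPOSIT])
    public = extend(public, ["coinbase-3"])
    public = extend(public, ["coinbase-4"])
    # Attacker's private fork from height 1: conflicting spend, then out-mine
    # the public chain (7 blocks vs 5) using majority hash power.
    secret = extend(common, [CONFLICT])
    for i in range(4):
        secret = extend(secret, [f"attacker-coinbase-{i}"])

    locks = {}
    if chainlocks_enabled:
        quorum = select_quorum(seed=common[-1].digest)
        # Assumption: the attacker controls this share of the quorum members.
        attacker_nodes = set(quorum[:int(attacker_quorum_share * len(quorum))])
        locked = try_chainlock(quorum, public[2], attacker_nodes)
        if locked:
            locks[2] = locked

    winner = choose_chain([public, secret], locks)
    return {
        "locked": bool(locks),
        "winner_length": len(winner),
        "deposit_survives": any(DEPOSIT in b.txs for b in winner),
    }


if __name__ == "__main__":
    for share, enabled in [(0.0, False), (0.0, True), (0.3, True), (0.5, True)]:
        print(f"chainlocks={enabled} attacker_quorum_share={share}: "
              f"{simulate(share, enabled)}")
```

Without chainlocks the longer private fork wins and the deposit vanishes from the accepted chain; with a chainlock at height 2 the fork is rejected regardless of length. Once the attacker's share of the quorum stops the honest votes from clearing the threshold, no lock forms and selection falls back to the longest-chain rule, which is the failure mode the post describes.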

We’ll be closing this poll in a couple of hours. This is the most voted poll ever. Thank you for all your feedback!

I think this was also a good test in using the forum to help decide on matters. The arguments were excellent.

5 Likes

They can and do! It is called development.

1 Like

Poll is closing in 40 minutes. Last chance to get your votes in.

3 Likes

Poll is now closed. We will make a GitHub PR enabling this soon, then review and deploy.

8 Likes

This is the relevant GitHub PR: Allow one transaction to pass checks without script verification by psolstice · Pull Request #984 · firoorg/firo · GitHub

1 Like